Updating the security file
About this task
By default, every workstation in a HCL Workload Automation network (domain managers, fault-tolerant agents, and standard agents) has its own security file. You can maintain that file on each workstation, or, if you enable centralized security management, you can create a security file on the master domain manager and copy it to each domain manager and agent, ensuring that all HCL Workload Automation users are assigned the required authorization in the file (see Centralized security management). Whether working on an agent workstation for an individual security file, or on the master domain manager to modify a centralized file, the steps are just the same; all that changes are the number of users you are defining - just those on the local system or all in the HCL Workload Automation network.
Neither the HCL Workload Automation processes nor the WebSphere Application Server infrastructure needs to be stopped or restarted to update the security file. You just need to close any open conman user interfaces before running makesec.
- Navigate to the TWA_home/TWS directory from where the dumpsec and makesec commands must be run.
- Run the dumpsec command to decrypt the current security file into an editable configuration file. See dumpsec.
- Modify the contents of the editable security configuration file using the syntax described in Configuring the security file.
- Close any open conman user interfaces using the exit command.
- Stop any connectors on systems running Windows operating systems.
- Run the makesec command to encrypt the security file and apply the modifications. See makesec.
- If you are using local security, the file will be immediately
available on the workstation where it has been updated. If you are using centralized security (see Centralized security management) you must now do the following:
- If you are using a backup master domain manager, copy the file to it
- Distribute the centralized file manually to all fault-tolerant agents in the network (not standard, extended, or broker agents), and store it in the TWA_home/TWS directory
- Run JnextPlan to distribute the Symphony file that corresponds to the new Security file